5 Steps To Test Email Security

It is no longer enough to rely on your users and security layers to determine the effectiveness of your email security. The "wait and see" approach of how your users will respond to emails with threats is not a good practice. The need to run simulated tests to test email security is very important. Running tests provide another layer of security for your organization. It provides additional insight into how effective a company's email security posture is. A free email security phishing tool will show you how many users fell victim to a phishing attack. The results from the test will give you a breakdown of the number of users that clicked vs didn't click on the suspicious link.

The tool we will use is the Free Phishing Security Test tool by KnowBe4.com. You can run this security phishing test directly from the KnowBe4.com website. In this article, we will cover the five steps to help you run the security test. The only catch is that a sign-up is required in order to use the tool.

Free Phishing Tool To Test Email Security

Click here to sign up for your free test. Once you are logged in, you will be able to choose your email type.

1. Choose your industry and company size.

email security free phishing test

2. Select your phishing email style and language.

This is the email style that will be sent to your users. Choose Microsoft Exchange if your company uses this email server. There are several other options to choose for phishing email style.

phishing email style 1 5 Steps To Test Email Security

3. Choose the phishing email to send to your employees.

This is the email that your users will receive with instructions to click on the link. You will see the email domain that you specified during sign up.

phishing password change preview 5 Steps To Test Email Security

4. Select the landing page.

This is the page that your users will be redirected to if they click on the link in the email. You can also choose the 404 Not Found landing page.

phishing landing page 5 Steps To Test Email Security

5. Review your security tool test results.

In this report you will see how many users received the email, and the number of users that clicked the link.

phishing security test results 5 Steps To Test Email Security

Pay close attention to the "total delivered" and the "total clicks" rows. First, if you have an effective email security measure in place, your users should never see any of the emails from the phishing test above. Second, if your users did receive the email, this points to a deeper problem. Check to make sure that your email security is properly configured. For example, if you are using Office 365, check the spam settings in Defender. Make sure that your mail domain is properly set up with a DMARC record. Otherwise, this could allow someone to spoof your domain (i.e., to pretend to be authenticated and send email from inside your domain to other users).

After you run the test, you will receive a PDF emailed to you within a day with the percentage breakdown.

How well did you do? How many of your users fell victim to the phishing test? What if this had been a real threat with a malicious link? This is how fast your users will be fooled into a cyberattack and bypass your email security. As you will see, the end user is the end of your security layer. Your security is only as strong as its weakest link. The results show the actual state of email security and the need for user cybersecurity best practice training.

Suite of Free Phishing Tools

The site offers a suite of free security tools to test your security, from phishing tests (see below) to email exposure, domain spoof test, mailserver assessment, and domain look-alike test.

  • Phishing Security Test - Test up to 100 users with a link in email.
  • Phishing Reply Test - Test key users with no email link to see if user replies back to a highly targeted attack.
  • Phish Alert Button - Gives your users a way to forward email with threats.
  • Second Chance - Provide users a method to back out after clicking on a link.
  • Social Media Phishing Test - Test users to spear phishing threats.

The right Managed Service Provider (MSP) technology partner will help your business implement the best email security solution to protect against modern phishing attacks.

About Us

Everything IT Pros is a managed IT solutions company that is aiming to simplify and modernize how you acquire external IT support & security. We don't compromise with good, better, best packages and we don't believe you should do business with us because of a long-term contract. We want to earn your business every month. You’re never locked into us – we’re that confident of what we have to offer! Our clients benefit from wired and wireless networks to endpoint security and support. We also provide digital marketing and SEO optimization of Google My Business, local ranking, on-page SEO, and SEM. We have the expertise and services to help you manage, secure, and grow your business. Click here to contact us.